Well, VPN would do the trick, indeed; however, that would imply overloading users with vpn clients. I'd rather a HTTPS based system. What I'm looking for is something like Outlook Web Access with Microsoft Exchange. The back-end server would be in the LAN, with maximum security, and the front-end server (only mail relay and web access) would be in the DMZ zone. I'm afraid I must include a security level as high as possible, so perhaps using only one server for Zimbra in the DMZ would be my last resource, altough I don't discard it... so, what could we do in the line I suggest, without VPN? this is getting interesting
